GraphicsMagick is prone to a remote denial-of-service vulnerability.
Attackers can exploit this issue to cause denial-of-service conditions.
Versions prior to GraphicsMagick 1.3.26 are vulnerable.
Information
Exploit
The researcher has created a proof-of-concept to demonstrate the issue. Please see the references for more information.
References:
- #459 allocation failure in ReadOnePNGImage (Sourceforge)
- check MemoryResource before attempting to allocate ping_pixels array (Graphicsmagick)
- GraphicsMagick Homepage (GraphicsMagick)